Recently, there have been incidents were large amounts of electronic data and electronic files have been extracted from secure computing systems and networks by users with removable media devices. For example, in the Wikileaks incident, a U.S. Army specialist was able to download thousands of confidential and secret files to CD-ROMS via a computer terminal, which he then allegedly carried outside a secure facility.
In the past, before the proliferation of electronic information systems, it was not possibly for one individual to access and transport such a large volume of secret documents. The physical size and volume of such documents in printed form prevented an individual from conveniently or practically transporting such documents without raising awareness or triggering detection by security personnel.
Existing data security measures typically rely on an array of physical and electronic security measures to prevent the release of sensitive personal, company, and/or government information. Many security measures are focused on preventing intruders from breaking physical and electronic security.
Electronic security measures include encryption, authentication, firewalls, passwords, virus detection, Trojan horse detection, and other network security tools. Physical security mechanisms include locked rooms, fences, secure facilities, background checks, cameras, badges, and personnel searches. Most security mechanisms provide perimeter security to prevent unauthorized entry and/or egress from a secure facility or electronic computing system.
Unfortunately, existing security measures have proven inadequate to prevent personnel with access to large volumes of sensitive electronic data from conveniently downloading such data and/or files to removable media which can then be easily concealed for physical transport from a secure facility.